[Freeipa-devel] [freeipa PR#1568][opened] [Backport][ipa-4-5] - ipatest: replica install with existing entry on master

Tue, 13 Feb 2018 08:00:18 -0800 

   URL: https://github.com/freeipa/freeipa/pull/1568
Author: Rezney
 Title: #1568: [Backport][ipa-4-5] - ipatest: replica install with existing 
entry on master
Action: opened

PR body:
"""
    replica install might fail because of existing entry for replica like
    `cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX` etc. The situation
    may arise due to incorrect uninstall of replica or ipa server-del is
    not executed on master.

    related bug : https://pagure.io/freeipa/issue/7174

Fixes: https://pagure.io/freeipa/issue/7276

Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com>
Reviewed-By: Christian Heimes <chei...@redhat.com>
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1568/head:pr1568
git checkout pr1568

From 0725ee9ae0a4bf70fe39a60e0836fa3b1e00418f Mon Sep 17 00:00:00 2001
From: Mohammad Rizwan Yusuf <myu...@redhat.com>
Date: Wed, 22 Nov 2017 16:54:33 +0530
Subject: [PATCH] ipatest: replica install with existing entry on master

    replica install might fail because of existing entry for replica like
    `cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX` etc. The situation
    may arise due to incorrect uninstall of replica or ipa server-del is
    not executed on master.

    related bug : https://pagure.io/freeipa/issue/7174

Fixes: https://pagure.io/freeipa/issue/7276

Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com>
Reviewed-By: Christian Heimes <chei...@redhat.com>
---
 .../test_integration/test_replica_promotion.py     | 44 ++++++++++++++++++++++
 .../test_integration/test_replication_layouts.py   |  2 +-
 2 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
index bc52566f15..4629d1ff05 100644
--- a/ipatests/test_integration/test_replica_promotion.py
+++ b/ipatests/test_integration/test_replica_promotion.py
@@ -3,6 +3,8 @@
 #
 
 import time
+from tempfile import NamedTemporaryFile
+import textwrap
 import pytest
 from ipatests.test_integration.base import IntegrationTest
 from ipatests.pytest_plugins.integration import tasks
@@ -483,3 +485,45 @@ def test_automatic_renewal_master_transfer_ondelete(self):
         assert("IPA CA renewal master: %s" % self.master.hostname in result), (
             "Master hostname not found among CA renewal masters"
         )
+
+
+class TestReplicaInstallWithExistingEntry(IntegrationTest):
+    """replica install might fail because of existing entry for replica like
+    `cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX` etc. The situation
+    may arise due to incorrect uninstall of replica.
+
+    https://pagure.io/freeipa/issue/7174""";
+
+    num_replicas = 1
+
+    def test_replica_install_with_existing_entry(self):
+        master = self.master
+        tasks.install_master(master)
+        replica = self.replicas[0]
+        tf = NamedTemporaryFile()
+        ldif_file = tf.name
+        base_dn = "dc=%s" % (",dc=".join(replica.domain.name.split(".")))
+        # adding entry for replica on master so that master will have it before
+        # replica installtion begins and creates a situation for pagure-7174
+        entry_ldif = textwrap.dedent("""
+            dn: cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,{base_dn}
+            changetype: modify
+            add: memberPrincipal
+            memberPrincipal: HTTP/{hostname}@{realm}
+
+            dn: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,{base_dn}
+            changetype: modify
+            add: memberPrincipal
+            memberPrincipal: ldap/{hostname}@{realm}""").format(
+            base_dn=base_dn, hostname=replica.hostname,
+            realm=replica.domain.name.upper())
+        master.put_file_contents(ldif_file, entry_ldif)
+        arg = ['ldapmodify',
+               '-h', master.hostname,
+               '-p', '389', '-D',
+               str(master.config.dirman_dn),   # pylint: disable=no-member
+               '-w', master.config.dirman_password,
+               '-f', ldif_file]
+        master.run_command(arg)
+
+        tasks.install_replica(master, replica)
diff --git a/ipatests/test_integration/test_replication_layouts.py b/ipatests/test_integration/test_replication_layouts.py
index f1408453b3..d631cad60a 100644
--- a/ipatests/test_integration/test_replication_layouts.py
+++ b/ipatests/test_integration/test_replication_layouts.py
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+# Copyright (C) 2017  FreeIPA Contributors see COPYING for license
 #
 
 import time

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to